Binary package “sysdig” in ubuntu kinetic

system-level exploration and troubleshooting tool

 Sysdig instruments your physical and virtual machines at the OS level
 by installing into the Linux kernel and capturing system calls and
 other OS events. Then, using sysdig's command line interface, you can
 filter and decode these events in order to extract useful information
 and statistics.
 Sysdig can be used to inspect live systems in real-time, or to generate
 trace files that can be analyzed at a later stage.
 This package contains the tool to inspect trace files. If you want to
 inspect a live system, you also need to install the according kernel
 module, shipped in the package falcosecurity-scap-dkms.